EFS on Standalone Workstations with Network Share
Hi, i have a question for someone who has 3 workstations and wishes to have EFS but doesnt necessarily want to purchase a server or have full blown PKI just yet. I have a few questions from below:
Say for example there is a shared drive, and two users, 'user A' and 'user B'.
User A saves and encrypts a file on the shared drive. User B then tried to access and open User A's encrypted file...
My questions are:
I guess in the above scenario when User B initially tried to open this file they will be unable as they do not have the certificate of User A, is this correct?
Would it be possible for User A to export their certificate (including Private Key), and for User B to import it, would the User B then be able to open the shared file?
Finally, is EFS encryption done on a per workstation basis or would this need to be done for each user?
Many thanks in advance,
Chris
August 16th, 2010 7:12pm
Hi,
I guess in the above scenario when User B initially tried to open this file they will be unable as they do not have the certificate of User A, is this
correct?
>> Yes.
Would it be possible for User A to export their certificate (including Private Key), and for User B to import it, would the User B then be able to open
the shared file?
>> You can refer to the following KB.
Best practices for the Encrypting File System
http://support.microsoft.com/?KBID=223316
Finally, is EFS encryption done on a per workstation basis or would this need to be done for each user?
>> I think you answered the question in your first question. If user A encrypted the folder Folder_A, user B will not be able to open it and vice
versa.
By the way, you can refer to the following link.
The Encrypting File System
http://technet.microsoft.com/en-us/library/cc700811.aspx
Best Regards,
Vincent Hu
Free Windows Admin Tool Kit Click here and download it now
August 17th, 2010 9:40am